Review: Windows 8 – Security

Pocketables is reviewing a different aspect of Windows 8 each week until the operating system’s public launch on October 26. Having just taken a look at the web browser, it’s time to take a look at security.

First off, let me say that I don’t claim to be a security expert. But with Windows 8, you don’t really need to be one. When combined with common sense, Windows 8’s new security enhancements are more than enough to keep you protected on a day-to-day basis.

The most obvious security enhancements are the new logon options. While you can still log in with your regular password, you now have the option of signing in with a four-digit PIN or a new picture password. Picture passwords are created by drawing a series of three lines, circles, or taps on a picture of your choice. Simply repeat this combination of gestures whenever you want to log in. While this isn’t too useful with a keyboard and mouse (although it is certainly do-able), it’s very handy on a touchscreen device.

Connecting your user profile to your Microsoft account adds an additional layer of security, allowing you to specify Trusted PCs, as well as add contact information and a security question for two-factor authentication. If you forget your password, you can even reset it from another Trusted PC. This, of course, is in addition to the other sync and cloud-based features that I’ll be taking a look at in the coming weeks.

For years, we’ve become accustomed to installing some sort of anti-virus (e.g. malware protection) software the second you get a new PC. But believe it or not, you don’t need to worry about this with Windows 8. That’s right, for the first time ever, a Microsoft OS now provides malware protection out of the box in the form of Windows Defender. Windows Defender has been around in one form or another since 2006, but the version included with Windows 8 is very different from its predecessors. Microsoft Security Essentials, the excellent “anti-annoying, anti-expensive, anti-virus program” has essentially been merged into Windows Defender, giving Windows 8 “real-time detection and protection.” Gone are the days of having to install a third-party AV solution. You can still choose to do so, of course – some offer additional but often unnecessary features – but the basics come included in the box.

Internet Explorer’s SmartScreen feature has also made the jump to Windows 8, lending the OS protection against social engineering attacks with “reputation-based technologies.” Best of all, SmartScreen, like the rest of Windows 8’s security measures, is unobtrusive. “We expect average users to see a SmartScreen prompt less than twice per year,” said Microsoft’s Jason Garms, “and when they do see it, it will signify a higher risk scenario.” This has certainly proved to be the case in my experience. Since installing the final version of Windows 8 over a month ago, I’ve only seen a SmartScreen warning once, and that was when I was attempting to install a relatively obscure piece of software.

Other security features include a new version of BitLocker with support for provisioning, encrypting only used disk space, standard user PIN and password changes, network unlock, and Encrypted Hard Drives; UEFI secure boot; a sandboxed app model; a new “peek” feature for looking at what you’ve typed into a password textbox; the ability to sync passwords for apps, websites, networks, and HomeGroup across devices; and much more. It’ll be interesting to see what the security experts have to say about the new password sync feature, in particular.

In short, Windows 8 is the most secure Microsoft OS to date, and it’s arguably one of the most secure operating systems of all time. This alone is reason enough to upgrade.

About the Author

William Devereux is the former Microsoft editor at Pocketables, as well as a Microsoft MVP and SkyDrive/Outlook.com Insider. As his title implies, he wrote about all things from Redmond, including Windows 8 and Windows Phone. He is currently carrying a Windows Phone 8X by HTC and a Microsoft Surface with Windows RT tablet.

Nagaraj

well it’s certainly been a long journey for microsoft to achieve success in this field, especially considering mac and ubuntu, which achieved this a lot earlier.

Mike

What took them so long? *NIX systems have been secure since their inception some 40’ish years ago.

Nagaraj

and what exactly does nix have to do with microsoft??

Vakeros

I belive he meant Uni*

Fifth313ment

I won’t be leaving Windows 7 for a long time it seems. The Windows 8 “flat” metro look is horrid. I prefer the glass Aero UI a million times more than this crap. And no start bar, WTF?! That would be like the next iteration of Android doing away with the widgets home screen setup and moving to an app tray only version like iOS. It would be crazy and this is crazy, and ugly!

William Devereux

To be fair, Windows 8 still has a taskbar. It’s the Start button which has been replaced with the Start screen. Of course, whether or not you like the flatter look and the new Start screen (I do) is personal preference.

Nagaraj

it is definitely going to take people time to catch on to the new interface though. what is bugging me is whether windows 8 is going to bring about a restricted environment for users?

gyffes

Wait… I don’t have to use my 12-digit password to log in.. just a 4-digit pin?

Yeah, that’s WAY more secure!

William Devereux

It’s just as secure as your smartphone, which has access to a lot of the same personal data. ;)

The PIN is completely optional, but it’s nice to have.

hisuwh

I was thinking the same thing

Abraham

I have used Microsoft Security Essentials for a long time. It is a great free anti virus that just works. It is not annoying or a resource hog; which is awesome.

I dont know why Microsoft did not ship it with Windows 7 by default, or why it hasnt pushed it through a Windows Update. Yet, good job Microsoft, I look forward to upgrading to Windows 8 for 15 bucks.

William Devereux

Microsoft has tried to include malware protection in past versions of Windows, but its plans were always shot down by governments and regulators. Thankfully, it was able to do it this time around.

Abraham

Really? I did not know that.
Why would they block it? Apple does it, why not Microsoft?

William Devereux

They were worried that it would decrease competition in the AV market and create a monopoly.

Tim

I have used Security Essentials for years on all my computers .As for Win 8 this will be the first time I will not upgrade I’m happy with Win 7.The only thing I would want is IE 10 and we will get that later,